The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The policycoreutils packages contain the core utilities that are required for the basic operation of a Security-Enhanced Linux (SELinux) system and its policies.

It was discovered that the seunshare utility did not enforce proper file permissions on the directory used as an alternate temporary directory mounted as /tmp/. A local user could use this flaw to overwrite files or, possibly, execute arbitrary code with the privileges of a setuid or setgid application that relies on proper /tmp/ permissions, by running that application via seunshare. (CVE-2011-1011)
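
One way a program could validate a directory before presenting it as /tmp/, as an added example that is not seunshare's or Red Hat's code. The function name `tmpdir_is_safe` and the policy it applies (real directory, expected owner, sticky bit when group- or world-writable) are assumptions, since this advisory does not describe the fix itself.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not seunshare's code): returns 1 if `path` is
 * acceptable as a directory to be presented as /tmp, 0 otherwise.
 * Assumed policy: a real directory (not a symlink), owned by
 * `expected_owner`, and sticky if group- or world-writable. */
int tmpdir_is_safe(const char *path, uid_t expected_owner)
{
    struct stat st;
    int ok = 0;

    /* O_NOFOLLOW rejects a symlink in the final component; checking the
     * opened descriptor with fstat() avoids a stat-then-use race. */
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return 0;
    if (fstat(fd, &st) == 0 &&
        S_ISDIR(st.st_mode) &&
        st.st_uid == expected_owner &&
        /* Without the sticky bit, any user with write access can rename
         * or delete files another user created in the directory. */
        (!(st.st_mode & (S_IWGRP | S_IWOTH)) || (st.st_mode & S_ISVTX)))
        ok = 1;
    close(fd);
    return ok;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s DIR\n", argv[0]);
        return 2;
    }
    /* Assumption: a system-wide /tmp is expected to be owned by root. */
    int ok = tmpdir_is_safe(argv[1], 0);
    printf("%s: %s\n", argv[1], ok ? "ok" : "unsafe");
    return ok ? EXIT_SUCCESS : EXIT_FAILURE;
}
```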

Red Hat would like to thank Tavis Ormandy for reporting this issue.

This update also introduces the following changes:

* The seunshare utility was moved from the main policycoreutils subpackage to the policycoreutils-sandbox subpackage. This utility is only required by the sandbox feature and does not need to be installed by default.